condor_store_cred stores passwords in a secure manner.
There are two separate uses of condor_store_cred:

A shared pool password is needed in order to implement the
PASSWORD authentication method.
condor_store_cred using the -c option deals with the
password for the implied condor_pool@$(UID_DOMAIN) user name.

On a Unix machine,
condor_store_cred with the -f option is used to set
the pool password,
as needed when used with the PASSWORD authentication method.
The pool password is placed in a file specified by
the SEC_PASSWORD_FILE configuration variable.

In order to submit a job from a Windows platform machine,
or to execute a job on a Windows platform machine utilizing the
run_as_owner functionality,
condor_store_cred stores the password
of a user/domain pair securely in the Windows registry.
Using this stored password,
HTCondor may act on behalf of the submitting user to access files,
such as writing output or log files.
HTCondor is able to
run jobs with the user ID of the submitting user.
The password is stored in the same manner as the system does when
setting or changing account passwords.

Passwords are stashed in a persistent manner; they are maintained
across system reboots.

The add argument on the Windows platform
stores the password securely in the registry.
The user is prompted to enter the password twice for confirmation,
and characters are not echoed.
If there is already a password stashed,
the old password will be overwritten by the new password.